package com.lw.carmanage.security;

import com.lw.carmanage.security.handler.MyFailHandler;
import com.lw.carmanage.security.handler.MySuccessHandler;
import com.lw.carmanage.security.service.MyUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Component;

/**
 * @author Administrator
 * @version 1.0
 * @description:
 * @date 2022/3/29 17:13
 */
@Component
@EnableWebSecurity//开启security
@EnableGlobalMethodSecurity(proxyTargetClass = true,jsr250Enabled = true,prePostEnabled = true)
public class MyBaseSecurityConfig extends WebSecurityConfigurerAdapter {

    private MySuccessHandler mySuccessHandler;

    @Autowired
    public void setMySuccessHandler(MySuccessHandler mySuccessHandler) {
        this.mySuccessHandler = mySuccessHandler;
    }
    private MyFailHandler myFailHandler;

    @Autowired
    public void setMyFailHandler(MyFailHandler myFailHandler) {
        this.myFailHandler = myFailHandler;
    }

    private MyUserService myUserService;

    @Autowired
    public void setMyUserService(MyUserService myUserService) {
        this.myUserService = myUserService;
    }

    private BCryptPasswordEncoder bCryptPasswordEncoder;

    @Autowired
    public void setbCryptPasswordEncoder(BCryptPasswordEncoder bCryptPasswordEncoder) {
        this.bCryptPasswordEncoder = bCryptPasswordEncoder;
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(myUserService)
                .passwordEncoder(bCryptPasswordEncoder);
    }

    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/js/**","/css/**","/users/*");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable();
        http.authorizeRequests()//认证请求
                .and().formLogin()//默认登录地址
                .loginProcessingUrl("/login")//自定义登录地址，不需要写controller
                //.loginPage("/index.html")
                .successHandler(mySuccessHandler)
                .failureHandler(myFailHandler)
                .permitAll()
                .and()
                .logout().logoutUrl("/logout")
                .permitAll()
                .and().authorizeRequests().anyRequest()//除了上面配置的所有地址
                .authenticated();//都必须登录才行
    }
}
